Commit a1328a67 authored by Jakub Kicinski's avatar Jakub Kicinski Committed by Paolo Abeni
Browse files

selftests: tls: check that disconnect does nothing 

"Inspired" by syzbot test, pre-queue some data, disconnect()
and try to receive(). This used to trigger a warning in TLS's strp.
Now we expect the disconnect() to have almost no effect.

Link: https://lore.kernel.org/67e6be74.050a0220.2f068f.007e.GAE@google.com


Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
Reviewed-by: default avatarSabrina Dubroca <sd@queasysnail.net>
Link: https://patch.msgid.link/20250404180334.3224206-2-kuba@kernel.org


Signed-off-by: default avatarPaolo Abeni <pabeni@redhat.com>
parent 5071a1e6

tools/testing/selftests/net/tls.c

+36 −0
Original line number Diff line number Diff line
@@ -1753,6 +1753,42 @@ TEST_F(tls_basic, rekey_tx) 
	EXPECT_EQ(memcmp(buf, test_str, send_len), 0);

}



TEST_F(tls_basic, disconnect)

{

	char const *test_str = "test_message";

	int send_len = strlen(test_str) + 1;

	struct tls_crypto_info_keys key;

	struct sockaddr_in addr;

	char buf[20];

	int ret;



	if (self->notls)

		return;



	tls_crypto_info_init(TLS_1_3_VERSION, TLS_CIPHER_AES_GCM_128,

			     &key, 0);



	ret = setsockopt(self->fd, SOL_TLS, TLS_TX, &key, key.len);

	ASSERT_EQ(ret, 0);



	/* Pre-queue the data so that setsockopt parses it but doesn't

	 * dequeue it from the TCP socket. recvmsg would dequeue.

	 */

	EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);



	ret = setsockopt(self->cfd, SOL_TLS, TLS_RX, &key, key.len);

	ASSERT_EQ(ret, 0);



	addr.sin_family = AF_UNSPEC;

	addr.sin_addr.s_addr = htonl(INADDR_ANY);

	addr.sin_port = 0;

	ret = connect(self->cfd, &addr, sizeof(addr));

	EXPECT_EQ(ret, -1);

	EXPECT_EQ(errno, EOPNOTSUPP);



	EXPECT_EQ(recv(self->cfd, buf, send_len, 0), send_len);

}



TEST_F(tls, rekey)

{

	char const *test_str_1 = "test_message_before_rekey";